We’ve put together our bi-weekly compilation of infosec articles from around the security industry. Read updates on botnets like Gafgyt and Virobot. Learn about hackers targeting real estate deals, and more.

For more articles, check out our #onpatrol4malware blog.

Dissecting the first Gafgyt bot implementing the “VanillaUPX technique”

Source: Security Affairs

Experts at the CSE Cybsec Z-Lab have found a Gafgyt variant implementing the VanillaUPX technique recently presented at a cybersecurity conference. Read more.

Meet Black Rose Lucy, the Latest Russian MaaS Botnet

Source: Check Point Research

Check Point Research intercepted a new MaaS product, Black Rose Lucy, developed by a Russian-speaking team who have been dubbed ‘The Lucy Gang’. Read more.

Viro Botnet Ransomware Breaks Through

Source: Trend Micro

Users in the United States are now being affected by Viro botnet, which has both ransomware and botnet capabilities. Read more.

DanaBot shifts its targeting to Europe, adds new features

Source: We Live Security

ESET researchers have discovered new DanaBot campaigns targeting a number of European countries. Read more.

Hackers target real estate deals, with devastating impact

Source: ZDNet

A report by the FBI’s Internet Crime Complaint Center said the number of victims of email fraud involving real estate transactions rose 1,110 percent between 2015 and 2017, with 2017’s losses totaling over $56 million. Read more.

A New Mining Botnet Blends Its C2s into ngrok Service

Source: Netlab 360

A new botnet hides its C2s (Downloader and Reporter server) by using the ngrok reverse proxy service to periodically generate a large number of random subdomain names. Read more.

Beware of Hurricane Florence Relief Scams

Source: Krebs on Security

A slew of new domains apparently related to Hurricane Florence relief efforts are now accepting donations on behalf of victims without much accountability for how the money will be spent. Read more.

VPNFilter III: More Tools for the Swiss Army Knife of Malware

Source: Talos Intelligence

VPNFilter — a multi-stage, modular framework that has infected hundreds of thousands of network devices across the globe — is now known to possess even greater capabilities. Read more.